strange behaviour of laptop and file manager... please check

Posted: 02 Apr 2021 04:32
by lammtech
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-03-2021
Ran by uživatel (administrator) on LENOVO (LENOVO 80MR) (02-04-2021 05:16:56)
Running from D:\NEJPLOŠŠŠŠÍ Z POLOCH
Loaded Profiles: uživatel
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <17>
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(IP Izmaylov Artem Andreevich -> AIMP DevTeam) D:\programy\AIMP\AIMP.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avpui.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\plugins_nms.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\PreSonusHardwareAccessService.exe
(PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\Universal Control.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files (x86)\iSkysoft\UniConverter(IS)\WSVCUUpdateHelper.exe
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [seznam-listicka-distribuce] => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKU\S-1-5-21-2330612324-4196637853-554147409-1001\...\Run: [SpyEmergency] => D:\programy\Spy Emergency\SpyEmergency.exe
HKU\S-1-5-21-2330612324-4196637853-554147409-1001\...\Run: [Universal Control] => C:\Program Files\PreSonus\Universal Control\Universal Control.exe [18298368 2020-02-20] (PreSonus) [File not signed]
HKU\S-1-5-21-2330612324-4196637853-554147409-1001\...\MountPoints2: {62a1e345-826d-11ea-8291-68f728befd68} - "E:\AutoRun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-03-30] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2019-08-21]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {26E97C34-464A-42C9-89C6-6BB969605A2C} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-03-11] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {3A06E549-FDCC-44F3-80FC-47E998E39731} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-04-16] (Google Inc -> Google Inc.)
Task: {56CF530A-2BCC-45B1-A514-0BE0A0CCD26A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {56CF530A-2BCC-45B1-A514-0BE0A0CCD26A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {56CF530A-2BCC-45B1-A514-0BE0A0CCD26A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{0177963A-7B59-4E6D-B99A-192D6ABF0FCE}" /ENABLE
Task: {56CF530A-2BCC-45B1-A514-0BE0A0CCD26A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {9EA9555C-2284-46BE-9D59-8898C0EB43B0} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
Task: {E95CD146-EC55-4FD1-892C-8A818D433A19} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-04-16] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0A679C5A-4F02-4B9C-9825-D3F85B953F9F}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{B5C6359A-28A2-41F8-95A7-84FA94DE1577}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{F403AA2A-6AE1-4351-8DBF-46E7A487AD7D}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: @videolan.org/vlc,version=3.0.10 -> D:\programy\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> D:\programy\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> D:\programy\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> D:\programy\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> D:\programy\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> D:\programy\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> D:\programy\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default [2021-04-02]
CHR DownloadDir: D:\
CHR Notifications: Default -> hxxps://www.xvideos.com
CHR HomePage: Default -> hxxps://www.google.cz/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Ochrana Kaspersky) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-03-11]
CHR Extension: (Disk Google) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-16]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-30]
CHR Extension: (Adblocker) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\eomjepbbibnhjbekbabbpgbkknienden [2019-04-18]
CHR Extension: (Click&Clean) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2021-03-26]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-04-01]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2021-03-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-15]
CHR Profile: C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-02-26]
CHR Profile: C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\System Profile [2021-01-15]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKU\S-1-5-21-2330612324-4196637853-554147409-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-11-15] (Adobe Inc. -> Adobe)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe [384280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 BITCOMET_HELPER_SERVICE; D:\programy\tools\BitCometService.exe [1296728 2013-11-29] (Shanghai Comet Network Technology -> www.BitComet.com)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1741384 2021-03-01] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-02-27] (GOG Sp. z o.o. -> GOG.com)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [646520 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 PreSonus Hardware Access Service; C:\Program Files\PreSonus\Universal Control\PreSonusHardwareAccessService.exe [432640 2020-02-20] (PreSonus) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (Microsoft Corporation -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [X]
S2 SpyEmrgHealth; D:\programy\Spy Emergency\SpyEmergencyHealth.exe [X]
S3 WsDrvInst; C:\Program Files (x86)\iSkysoft\UniConverter(IS)\Transfer\DriverInstall.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4267008 2015-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [657176 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1400584 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [96008 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\Windows\system32\DRIVERS\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [230976 2021-03-11] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 klupd_klif_kimul; C:\Windows\System32\Drivers\klupd_klif_kimul.sys [86656 2021-03-11] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [275664 2021-03-11] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [101112 2021-03-11] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [190952 2021-03-11] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 PaeStudioUsb; C:\Windows\System32\drivers\PaeStudioUsb.sys [374000 2019-12-20] (PreSonus Audio Electronics, Inc -> )
S3 PaeStudioUsbks; C:\Windows\system32\DRIVERS\PaeStudioUsbks.sys [54000 2019-12-20] (PreSonus Audio Electronics, Inc -> )
S3 PaeStudioUsb_loopback; C:\Windows\System32\drivers\PaeStudioUsb_loopback.sys [42736 2019-12-20] (PreSonus Audio Electronics, Inc -> )
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 teVirtualMIDI64; C:\Windows\system32\DRIVERS\teVirtualMIDI64.sys [41016 2016-08-31] (Tobias Erichsen -> Tobias Erichsen)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-11-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [257880 2014-11-21] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (Microsoft Windows -> Microsoft Corporation)
S3 CLVirtualBus01; \SystemRoot\System32\drivers\CLVirtualBus01.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-02 05:16 - 2021-04-02 05:17 - 000000000 ___DC C:\FRST
2021-03-26 10:00 - 2021-03-26 10:00 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2021-03-26 09:50 - 2021-03-26 09:50 - 000000000 ___HC C:\Users\uživatel\Documents\Default.rdp
2021-03-12 10:08 - 2021-03-12 10:08 - 000000000 ___DC C:\ProgramData\Realtek
2021-03-11 22:17 - 2021-03-11 22:17 - 000275664 ____C (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
2021-03-11 22:15 - 2021-03-11 22:15 - 000230976 ____C (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2021-03-11 22:15 - 2021-03-11 22:15 - 000190952 ____C (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
2021-03-11 22:15 - 2021-03-11 22:15 - 000101112 ____C (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2021-03-11 22:15 - 2021-03-11 22:15 - 000086656 ____C (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_kimul.sys
2021-03-11 22:15 - 2021-03-11 22:15 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2021-03-11 22:15 - 2021-02-19 22:09 - 000110176 ____C (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2021-03-11 22:15 - 2021-02-19 22:08 - 001042712 ____C (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2021-03-11 22:15 - 2021-02-19 22:08 - 000514840 ____C (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2021-03-11 21:56 - 2021-03-11 21:56 - 000000000 ___DC C:\Users\uživatel\AppData\Local\Kaspersky Lab
2021-03-11 21:54 - 2021-03-11 22:32 - 000000000 ___DC C:\ProgramData\Kaspersky Lab
2021-03-11 21:54 - 2021-03-11 22:16 - 000003032 ____C C:\Windows\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2021-03-11 21:54 - 2021-03-11 22:15 - 000000000 ___DC C:\Program Files\Common Files\AV
2021-03-11 21:54 - 2021-03-11 22:15 - 000000000 ___DC C:\Program Files (x86)\Kaspersky Lab
2021-03-11 21:54 - 2021-03-11 21:54 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN
2021-03-07 00:16 - 2021-03-07 00:16 - 000000000 ___DC C:\Users\uživatel\AppData\Roaming\Portforward.com
2021-03-06 13:23 - 2021-03-06 13:23 - 002549521 ____C C:\Users\uživatel\Documents\Návod-na-používání-a-interpretace-výsledků-antigenního-testu-pro-detekci-viru-SARS-CoV-2-covid-19-ve-výtěru-z-nosohlatnu.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-02 02:15 - 2019-04-16 12:18 - 000003974 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{0177963A-7B59-4E6D-B99A-192D6ABF0FCE}
2021-04-02 02:13 - 2019-04-18 05:31 - 000000000 ___DC C:\Users\uživatel\AppData\Roaming\AIMP
2021-04-02 01:52 - 2019-04-18 07:32 - 000000000 __HDC C:\Users\uživatel\OneDrive
2021-04-02 01:09 - 2014-11-21 06:53 - 001661194 ____C C:\Windows\system32\PerfStringBackup.INI
2021-04-02 01:09 - 2014-11-21 06:10 - 000706404 ____C C:\Windows\system32\perfh005.dat
2021-04-02 01:09 - 2014-11-21 06:10 - 000144168 ____C C:\Windows\system32\perfc005.dat
2021-04-02 01:09 - 2013-08-22 15:36 - 000000000 ___DC C:\Windows\Inf
2021-04-02 01:03 - 2019-04-16 12:33 - 000000000 _SHDC C:\Users\uživatel\IntelGraphicsProfiles
2021-04-02 01:03 - 2019-04-16 12:23 - 000000180 ____C C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-04-02 01:03 - 2013-08-22 16:45 - 000000006 ___HC C:\Windows\Tasks\SA.DAT
2021-04-02 01:03 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2021-03-30 23:12 - 2019-12-06 06:56 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2330612324-4196637853-554147409-1001
2021-03-30 22:45 - 2019-04-16 12:21 - 000002244 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-29 11:33 - 2019-04-17 22:40 - 000000000 ___DC C:\Users\uživatel\AppData\Roaming\vlc
2021-03-27 06:28 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2021-03-26 09:50 - 2021-01-25 22:49 - 000002180 ____C C:\Windows\diagerr.xml
2021-03-26 09:50 - 2021-01-25 22:49 - 000001908 ____C C:\Windows\diagwrn.xml
2021-03-26 09:50 - 2021-01-25 22:49 - 000000000 ___DC C:\Users\uživatel\AppData\Local\MigWiz
2021-03-26 08:46 - 2019-04-23 18:51 - 000000000 ___DC C:\Users\uživatel\AppData\Local\ElevatedDiagnostics
2021-03-18 22:55 - 2019-08-21 21:09 - 000000000 ___DC C:\Users\uživatel\AppData\Local\CrashDumps
2021-03-16 13:04 - 2019-04-12 16:22 - 000000000 ___DC C:\Users\uživatel
2021-03-11 22:15 - 2013-08-22 17:36 - 000000000 __HDC C:\Windows\ELAMBKUP
2021-03-11 22:10 - 2019-12-18 04:20 - 000003386 ____C C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-03-11 22:10 - 2019-12-18 04:20 - 000003258 ____C C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-03-11 22:10 - 2019-04-16 12:19 - 000000000 ___DC C:\ProgramData\AVAST Software
2021-03-11 21:47 - 2019-04-16 12:20 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2021-03-11 20:51 - 2020-01-15 04:47 - 000000000 ___DC C:\Users\uživatel\AppData\Roaming\Celemony Software GmbH
2021-03-11 15:14 - 2013-08-22 17:36 - 000000000 ___DC C:\Windows\AppReadiness
2021-03-06 20:18 - 2013-08-22 17:36 - 000000000 ___DC C:\Windows\system32\NDF
2021-03-06 18:28 - 2019-11-16 10:55 - 000000000 ___DC C:\Temp

==================== Files in the root of some directories ========

2020-12-21 12:47 - 2020-12-21 12:47 - 000000040 ____C () C:\Users\uživatel\AppData\Roaming\cdr.ini
2019-05-25 04:23 - 2021-01-25 23:48 - 000007597 ____C () C:\Users\uživatel\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-04-01 00:22
==================== End of FRST.txt ========================

Re: strange behaviour of laptop and file manager... please check

Posted: 02 Apr 2021 10:20
by Rudy
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just start it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: strange behaviour of laptop and file manager... please check

Posted: 02 Apr 2021 12:34
by lammtech
# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-04-01.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-02-2021
# Duration: 00:00:01
# OS: Windows 8.1
# Cleaned: 10
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\uživatel\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Burn4Free
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\csastats
Deleted HKCU\Software\drpsu
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2306 octets] - [02/04/2021 13:32:07]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: strange behaviour of laptop and file manager... please check

Posted: 02 Apr 2021 17:11
by Rudy
Please post new FRST+Addition logs.

Re: strange behaviour of laptop and file manager... please check

Posted: 06 Apr 2021 20:24
by lammtech
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2021
Ran by uživatel (administrator) on LENOVO (LENOVO 80MR) (06-04-2021 21:20:22)
Running from D:\NEJPLOŠŠŠŠÍ Z POLOCH
Loaded Profiles: uživatel
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <18>
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avpui.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\plugins_nms.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\PreSonusHardwareAccessService.exe
(PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\Universal Control.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files (x86)\iSkysoft\UniConverter(IS)\WSVCUUpdateHelper.exe
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKU\S-1-5-21-2330612324-4196637853-554147409-1001\...\Run: [SpyEmergency] => D:\programy\Spy Emergency\SpyEmergency.exe
HKU\S-1-5-21-2330612324-4196637853-554147409-1001\...\Run: [Universal Control] => C:\Program Files\PreSonus\Universal Control\Universal Control.exe [18298368 2020-02-20] (PreSonus) [File not signed]
HKU\S-1-5-21-2330612324-4196637853-554147409-1001\...\MountPoints2: {62a1e345-826d-11ea-8291-68f728befd68} - "E:\AutoRun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-03-30] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2019-08-21]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {26E97C34-464A-42C9-89C6-6BB969605A2C} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-03-11] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {3A06E549-FDCC-44F3-80FC-47E998E39731} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-04-16] (Google Inc -> Google Inc.)
Task: {56CF530A-2BCC-45B1-A514-0BE0A0CCD26A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {56CF530A-2BCC-45B1-A514-0BE0A0CCD26A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {56CF530A-2BCC-45B1-A514-0BE0A0CCD26A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{0177963A-7B59-4E6D-B99A-192D6ABF0FCE}" /ENABLE
Task: {56CF530A-2BCC-45B1-A514-0BE0A0CCD26A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {9EA9555C-2284-46BE-9D59-8898C0EB43B0} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
Task: {E95CD146-EC55-4FD1-892C-8A818D433A19} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-04-16] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{0A679C5A-4F02-4B9C-9825-D3F85B953F9F}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{B5C6359A-28A2-41F8-95A7-84FA94DE1577}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{F403AA2A-6AE1-4351-8DBF-46E7A487AD7D}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: @videolan.org/vlc,version=3.0.10 -> D:\programy\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> D:\programy\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> D:\programy\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> D:\programy\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> D:\programy\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> D:\programy\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> D:\programy\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default [2021-04-06]
CHR DownloadDir: D:\
CHR Notifications: Default -> hxxps://www.xvideos.com
CHR HomePage: Default -> hxxps://www.google.cz/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Ochrana Kaspersky) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-03-11]
CHR Extension: (Disk Google) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-16]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-30]
CHR Extension: (Adblocker) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\eomjepbbibnhjbekbabbpgbkknienden [2019-04-18]
CHR Extension: (Click&Clean) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2021-03-26]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-04-01]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2021-03-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-15]
CHR Profile: C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-02-26]
CHR Profile: C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\System Profile [2021-01-15]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKU\S-1-5-21-2330612324-4196637853-554147409-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-11-15] (Adobe Inc. -> Adobe)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe [384280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 BITCOMET_HELPER_SERVICE; D:\programy\tools\BitCometService.exe [1296728 2013-11-29] (Shanghai Comet Network Technology -> www.BitComet.com)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1741384 2021-03-01] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-02-27] (GOG Sp. z o.o. -> GOG.com)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [646520 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 PreSonus Hardware Access Service; C:\Program Files\PreSonus\Universal Control\PreSonusHardwareAccessService.exe [432640 2020-02-20] (PreSonus) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (Microsoft Corporation -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [X]
S2 SpyEmrgHealth; D:\programy\Spy Emergency\SpyEmergencyHealth.exe [X]
S3 WsDrvInst; C:\Program Files (x86)\iSkysoft\UniConverter(IS)\Transfer\DriverInstall.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4267008 2015-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [657176 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1400584 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [96008 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\Windows\system32\DRIVERS\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [230976 2021-03-11] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 klupd_klif_kimul; C:\Windows\System32\Drivers\klupd_klif_kimul.sys [86656 2021-03-11] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [275664 2021-03-11] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [101112 2021-03-11] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [190952 2021-03-11] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 PaeStudioUsb; C:\Windows\System32\drivers\PaeStudioUsb.sys [374000 2019-12-20] (PreSonus Audio Electronics, Inc -> )
S3 PaeStudioUsbks; C:\Windows\system32\DRIVERS\PaeStudioUsbks.sys [54000 2019-12-20] (PreSonus Audio Electronics, Inc -> )
S3 PaeStudioUsb_loopback; C:\Windows\System32\drivers\PaeStudioUsb_loopback.sys [42736 2019-12-20] (PreSonus Audio Electronics, Inc -> )
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 teVirtualMIDI64; C:\Windows\system32\DRIVERS\teVirtualMIDI64.sys [41016 2016-08-31] (Tobias Erichsen -> Tobias Erichsen)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-11-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [257880 2014-11-21] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (Microsoft Windows -> Microsoft Corporation)
S3 CLVirtualBus01; \SystemRoot\System32\drivers\CLVirtualBus01.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-02 13:31 - 2021-04-02 13:33 - 000000000 ___DC C:\AdwCleaner
2021-04-02 05:16 - 2021-04-06 21:20 - 000000000 ___DC C:\FRST
2021-03-26 10:00 - 2021-03-26 10:00 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2021-03-26 09:50 - 2021-03-26 09:50 - 000000000 ___HC C:\Users\uživatel\Documents\Default.rdp
2021-03-12 10:08 - 2021-03-12 10:08 - 000000000 ___DC C:\ProgramData\Realtek
2021-03-11 22:17 - 2021-03-11 22:17 - 000275664 ____C (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
2021-03-11 22:15 - 2021-03-11 22:15 - 000230976 ____C (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2021-03-11 22:15 - 2021-03-11 22:15 - 000190952 ____C (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
2021-03-11 22:15 - 2021-03-11 22:15 - 000101112 ____C (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2021-03-11 22:15 - 2021-03-11 22:15 - 000086656 ____C (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_kimul.sys
2021-03-11 22:15 - 2021-03-11 22:15 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2021-03-11 22:15 - 2021-02-19 22:09 - 000110176 ____C (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2021-03-11 22:15 - 2021-02-19 22:08 - 001042712 ____C (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2021-03-11 22:15 - 2021-02-19 22:08 - 000514840 ____C (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2021-03-11 21:56 - 2021-03-11 21:56 - 000000000 ___DC C:\Users\uživatel\AppData\Local\Kaspersky Lab
2021-03-11 21:54 - 2021-03-11 22:32 - 000000000 ___DC C:\ProgramData\Kaspersky Lab
2021-03-11 21:54 - 2021-03-11 22:16 - 000003032 ____C C:\Windows\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2021-03-11 21:54 - 2021-03-11 22:15 - 000000000 ___DC C:\Program Files\Common Files\AV
2021-03-11 21:54 - 2021-03-11 22:15 - 000000000 ___DC C:\Program Files (x86)\Kaspersky Lab
2021-03-11 21:54 - 2021-03-11 21:54 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN
2021-03-07 00:16 - 2021-03-07 00:16 - 000000000 ___DC C:\Users\uživatel\AppData\Roaming\Portforward.com

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-06 21:13 - 2019-04-16 12:18 - 000003974 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{0177963A-7B59-4E6D-B99A-192D6ABF0FCE}
2021-04-06 21:12 - 2014-11-21 06:53 - 001661194 ____C C:\Windows\system32\PerfStringBackup.INI
2021-04-06 21:12 - 2014-11-21 06:10 - 000706404 ____C C:\Windows\system32\perfh005.dat
2021-04-06 21:12 - 2014-11-21 06:10 - 000144168 ____C C:\Windows\system32\perfc005.dat
2021-04-06 21:12 - 2013-08-22 15:36 - 000000000 ___DC C:\Windows\Inf
2021-04-06 21:06 - 2019-04-18 07:32 - 000000000 __HDC C:\Users\uživatel\OneDrive
2021-04-06 21:05 - 2019-04-16 12:33 - 000000000 _SHDC C:\Users\uživatel\IntelGraphicsProfiles
2021-04-06 21:05 - 2019-04-16 12:23 - 000000180 ____C C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-04-06 21:05 - 2013-08-22 16:45 - 000000006 ___HC C:\Windows\Tasks\SA.DAT
2021-04-05 17:44 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2021-04-02 17:43 - 2019-04-17 22:40 - 000000000 ___DC C:\Users\uživatel\AppData\Roaming\vlc
2021-04-02 17:00 - 2019-04-18 05:31 - 000000000 ___DC C:\Users\uživatel\AppData\Roaming\AIMP
2021-04-02 13:34 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2021-03-30 23:12 - 2019-12-06 06:56 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2330612324-4196637853-554147409-1001
2021-03-30 22:45 - 2019-04-16 12:21 - 000002244 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-26 09:50 - 2021-01-25 22:49 - 000002180 ____C C:\Windows\diagerr.xml
2021-03-26 09:50 - 2021-01-25 22:49 - 000001908 ____C C:\Windows\diagwrn.xml
2021-03-26 09:50 - 2021-01-25 22:49 - 000000000 ___DC C:\Users\uživatel\AppData\Local\MigWiz
2021-03-26 08:46 - 2019-04-23 18:51 - 000000000 ___DC C:\Users\uživatel\AppData\Local\ElevatedDiagnostics
2021-03-18 22:55 - 2019-08-21 21:09 - 000000000 ___DC C:\Users\uživatel\AppData\Local\CrashDumps
2021-03-16 13:04 - 2019-04-12 16:22 - 000000000 ___DC C:\Users\uživatel
2021-03-11 22:15 - 2013-08-22 17:36 - 000000000 __HDC C:\Windows\ELAMBKUP
2021-03-11 22:10 - 2019-12-18 04:20 - 000003386 ____C C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-03-11 22:10 - 2019-12-18 04:20 - 000003258 ____C C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-03-11 22:10 - 2019-04-16 12:19 - 000000000 ___DC C:\ProgramData\AVAST Software
2021-03-11 21:47 - 2019-04-16 12:20 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2021-03-11 20:51 - 2020-01-15 04:47 - 000000000 ___DC C:\Users\uživatel\AppData\Roaming\Celemony Software GmbH
2021-03-11 15:14 - 2013-08-22 17:36 - 000000000 ___DC C:\Windows\AppReadiness

==================== Files in the root of some directories ========

2020-12-21 12:47 - 2020-12-21 12:47 - 000000040 ____C () C:\Users\uživatel\AppData\Roaming\cdr.ini
2019-05-25 04:23 - 2021-01-25 23:48 - 000007597 ____C () C:\Users\uživatel\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-04-01 00:22
==================== End of FRST.txt ========================

Re: strange behaviour of laptop and file manager... please check

Posted: 06 Apr 2021 20:24
by lammtech
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-04-2021
Ran by uživatel (06-04-2021 21:22:28)
Running from D:\NEJPLOŠŠŠŠÍ Z POLOCH
Windows 8.1 (Update) (X64) (2019-04-12 14:22:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2330612324-4196637853-554147409-500 - Administrator - Disabled)
Guest (S-1-5-21-2330612324-4196637853-554147409-501 - Limited - Disabled)
uživatel (S-1-5-21-2330612324-4196637853-554147409-1001 - Administrator - Enabled) => C:\Users\uživatel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Total Security (Enabled - Up to date) {F41710F6-65D1-4F66-2B68-CCCF63D4A09E}
FW: Kaspersky Total Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.293 - Adobe)
AIMP (HKLM-x32\...\AIMP) (Version: v4.70.2242, 01.02.2021 - AIMP DevTeam)
Aktualizace NVIDIA 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.4.1.21 - NVIDIA Corporation)
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.21.3 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
BitComet 1.63 (HKLM-x32\...\BitComet_x64) (Version: 1.63 - CometNetwork)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.114 - Google LLC)
Kaspersky Total Security (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky)
K-Lite Codec Pack 9.2.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.2.0 - )
Melodyne 4 (HKLM-x32\...\{16DF894D-FC3F-4B87-908D-671E201CD7A8}) (Version: 4.00.0203 - Celemony Software GmbH)
Melodyne Runtime 4.1 (x64) (HKLM\...\{721E4E34-AF7C-4345-93F9-282CCC8CCCB5}) (Version: 1.0.2 - Celemony Software GmbH)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
NVIDIA Ovladače grafiky 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
PreSonus Studio One 2 (HKLM-x32\...\PreSonus Studio One 2) (Version: 2.6.2.25590 - PreSonus Audio Electronics)
PreSonus Studio One 4 (HKLM\...\PreSonus Studio One 4) (Version: 4.6.2.58729 - PreSonus Audio Electronics)
S.T.A.L.K.E.R. Call of Pripyat (HKLM-x32\...\1207660583_is1) (Version: 2.1.0.17 - GOG.com)
S.T.A.L.K.E.R. Clear Sky (HKLM-x32\...\1207660603_is1) (Version: 2.1.0.10 - GOG.com)
S.T.A.L.K.E.R. Shadow of Chernobyl (HKLM-x32\...\1207660573_is1) (Version: 2.1.0.9 - GOG.com)
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Skype verze 8.68 (HKLM-x32\...\Skype_is1) (Version: 8.68 - Skype Technologies S.A.)
teVirtualMIDI64 (HKLM\...\{300D1BB9-FA9E-40EA-ADD8-934D5066F6D5}) (Version: 1.2.11.41 - Tobias Erichsen)
Universal Control (HKLM\...\Universal Control) (Version: 3.2.0.56558 - PreSonus Audio Electronics, Inc)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WhatsApp (HKU\S-1-5-21-2330612324-4196637853-554147409-1001\...\WhatsApp) (Version: 2.2106.10 - WhatsApp)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-2330612324-4196637853-554147409-1001\...\ZoomUMX) (Version: 5.4.7 (59784.1220) - Zoom Video Communications, Inc.)

Packages:
=========
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-11-21] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.336_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2019-05-15] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-2330612324-4196637853-554147409-1001\...\ChromeHTML: -> <==== ATTENTION
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2021-03-11] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\programy\winrar\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\programy\winrar\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2021-03-11] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2021-03-11] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2021-03-11] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\programy\winrar\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\programy\winrar\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\uživatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=ws1uC7KipGQnFuBJ9wb0YDaip6HFnh7UkDs7lNCrXsGhexvR8Cr77ipJgAAAIOOKzsie&click_id=38ab475b874645b98108741343990d4a7e8eef9f

==================== Loaded Modules (Whitelisted) =============

2020-02-20 20:19 - 2020-02-20 20:19 - 004903936 ____C () [File not signed] C:\Program Files\PreSonus\Universal Control\ipp.dll
2019-12-20 01:06 - 2019-12-20 01:06 - 018891264 ____C () [File not signed] C:\Program Files\PreSonus\Universal Control\SmaartFactory_x64.dll
2019-12-19 20:34 - 2019-12-19 20:34 - 001834496 ____C () [File not signed] C:\Program Files\PreSonus\Universal Control\vectorlib.dll
2020-02-20 20:33 - 2020-02-20 20:33 - 000057344 ____C (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\avdecc.dll
2020-02-20 20:22 - 2020-02-20 20:22 - 004993024 ____C (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\cclgui.dll
2020-02-20 20:25 - 2020-02-20 20:25 - 000600576 ____C (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\cclnet.dll
2020-02-20 20:23 - 2020-02-20 20:23 - 001010688 ____C (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\cclsecurity.dll
2020-02-20 20:21 - 2020-02-20 20:21 - 001125888 ____C (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\cclsystem.dll
2020-02-20 20:21 - 2020-02-20 20:21 - 000463360 ____C (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\ccltext.dll
2020-02-20 20:32 - 2020-02-20 20:32 - 000799232 ____C (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\atomdevice.dll
2020-02-20 20:31 - 2020-02-20 20:31 - 000466944 ____C (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\audioboxdevice.dll
2020-02-20 20:32 - 2020-02-20 20:32 - 000105472 ____C (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\faderportdevice.dll
2020-02-20 20:32 - 2020-02-20 20:32 - 000705536 ____C (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\firewiredevice.dll
2020-02-20 20:33 - 2020-02-20 20:33 - 000181760 ____C (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\iostationdevice.dll
2020-02-20 20:30 - 2020-02-20 20:30 - 002839552 ____C (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\quantumdevice.dll
2020-02-20 20:32 - 2020-02-20 20:32 - 000657920 ____C (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\slclassicusbdevice.dll
2020-02-20 20:32 - 2020-02-20 20:32 - 002150400 ____C (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\studio192device.dll
2020-02-20 20:31 - 2020-02-20 20:31 - 000248320 ____C (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\studiolive3device.dll
2020-02-20 20:31 - 2020-02-20 20:31 - 000583168 ____C (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\studioliveardevice.dll
2020-02-20 20:31 - 2020-02-20 20:31 - 001125376 ____C (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\hwaccess\studiousbdevice.dll
2020-02-20 20:22 - 2020-02-20 20:22 - 000601600 ____C (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\Plugins\asioservice.dll
2020-02-20 20:34 - 2020-02-20 20:34 - 022575104 ____C (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\Plugins\studiolivepanel.dll
2020-02-20 20:33 - 2020-02-20 20:33 - 000562176 ____C (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\Plugins\ucnetmonitor.dll
2020-02-20 20:25 - 2020-02-20 20:25 - 000527872 ____C (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\Plugins\windowsmidi.dll
2020-02-20 20:26 - 2020-02-20 20:26 - 000198656 ____C (PreSonus) [File not signed] C:\Program Files\PreSonus\Universal Control\ucnet.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2330612324-4196637853-554147409-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxps://www.msn.com/cs-cz/?ocid=iehp
SearchScopes: HKU\S-1-5-21-2330612324-4196637853-554147409-1001 -> {D99F08C6-1655-45D2-ADE0-68EC592A38B6} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 ____C C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2330612324-4196637853-554147409-1001\Control Panel\Desktop\\Wallpaper -> D:\obrázky\visuals-000023848215-GuQU1N-original.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine.lnk"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run: => "WSVCUUpdateHelper.exe"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G12"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G13"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-2330612324-4196637853-554147409-1001\...\StartupApproved\Run: => "Power2GoExpress12"
HKU\S-1-5-21-2330612324-4196637853-554147409-1001\...\StartupApproved\Run: => "SpyEmergency"
HKU\S-1-5-21-2330612324-4196637853-554147409-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-2330612324-4196637853-554147409-1001\...\StartupApproved\Run: => "Power2GoExpress13"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4DC95779-1B67-47CC-BE74-24B576F800EB}] => (Allow) D:\programy\BitComet.exe (Xing Wang -> www.BitComet.com)
FirewallRules: [{170930FD-29E4-4B34-B565-38C700B17985}] => (Allow) D:\programy\BitComet.exe (Xing Wang -> www.BitComet.com)
FirewallRules: [{F4AA022D-7012-4154-BDC4-012CB624C214}] => (Allow) C:\Program Files\PreSonus\Universal Control\Universal Control.exe (PreSonus) [File not signed]
FirewallRules: [{54594813-B6FC-4B1F-844F-1956B9CA6E36}] => (Allow) C:\Program Files\PreSonus\Universal Control\PreSonusHardwareAccessService.exe (PreSonus) [File not signed]
FirewallRules: [{BC1BCDD2-E700-4708-B059-D94FD030E2E3}] => (Allow) C:\Program Files\PreSonus\Studio One 4\Studio One.exe (PreSonus) [File not signed]
FirewallRules: [{DC33CE76-F1CC-4B37-A57D-6681F32AC249}] => (Allow) C:\Program Files\PreSonus\Studio One 4\PlugInScanner.exe (PreSonus) [File not signed]
FirewallRules: [{BF924C50-02FB-4B27-AC90-7A187EEEDAD6}] => (Allow) C:\Users\uživatel\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{391D5971-B7AA-49B0-A286-10FAF17CBDF6}] => (Allow) C:\Users\uživatel\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{FD77BA45-1508-4C7E-8C94-96DDE672F688}] => (Allow) C:\Users\uživatel\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{F8250270-E7EE-48A3-823C-F938822D2B6D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{70CD616E-D867-465F-9D6C-C6C7BEEC4A5D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{40AB702F-4BCF-4EA9-A154-DACA3E8EB356}C:\users\uživatel\appdata\roaming\portforward.com\portforwardnetworkutilities\pfportchecker.exe] => (Block) C:\users\uživatel\appdata\roaming\portforward.com\portforwardnetworkutilities\pfportchecker.exe (Portforward, LLC -> portforward.com)
FirewallRules: [UDP Query User{2586DC16-EB4D-49A1-AF89-5C523D65D636}C:\users\uživatel\appdata\roaming\portforward.com\portforwardnetworkutilities\pfportchecker.exe] => (Block) C:\users\uživatel\appdata\roaming\portforward.com\portforwardnetworkutilities\pfportchecker.exe (Portforward, LLC -> portforward.com)
FirewallRules: [{A93CC9F6-62E3-47F0-8F18-2D6FCA4CFFEE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

11-03-2021 22:31:46 Removed Kaspersky Password Manager
26-03-2021 10:09:01 Naplánovaný kontrolní bod
05-04-2021 21:11:32 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: Lenovo EasyCamera
Description: Zobrazovací zařízení USB
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (04/06/2021 08:19:25 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80070005).

Error: (04/06/2021 01:34:43 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80070005).

Error: (04/05/2021 09:08:36 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Svazek Obnovení nebyl optimalizován, protože byla zjištěna chyba: Parametr není správný. (0x80070057).

Error: (04/05/2021 06:09:12 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80070005).

Error: (04/02/2021 09:35:55 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80070005).

Error: (04/02/2021 02:20:52 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80070005).

Error: (03/29/2021 03:59:21 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80070005).

Error: (03/29/2021 03:49:43 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Svazek Obnovení nebyl optimalizován, protože byla zjištěna chyba: Parametr není správný. (0x80070057).


System errors:
=============
Error: (04/06/2021 09:05:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Spy Emergency Health Check neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (04/06/2021 09:05:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Nero BackItUp Scheduler 4.0 neuspěla při spuštění v důsledku následující chyby:
%%2 = Systém nemůže nalézt uvedený soubor.

Error: (04/06/2021 09:05:04 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\StarOpen.SYS

Error: (04/06/2021 09:05:03 PM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT AUTHORITY)
Description: Byl spuštěn systémový časovač sledovacího zařízení.

Error: (04/06/2021 09:05:11 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (21:01:44, ‎6. ‎4. ‎2021) bylo neočekávané.

Error: (04/02/2021 01:34:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Spy Emergency Health Check neuspěla při spuštění v důsledku následující chyby:
%%2 = Systém nemůže nalézt uvedený soubor.

Error: (04/02/2021 01:34:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Nero BackItUp Scheduler 4.0 neuspěla při spuštění v důsledku následující chyby:
%%2 = Systém nemůže nalézt uvedený soubor.

Error: (04/02/2021 01:34:33 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\StarOpen.SYS


Windows Defender:
================
Date: 2021-03-11 21:15:46.871
Description:
Windows Defender Funkce ochrany v reálném čase zjistila chybu a nezdařila se.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2021-03-11 21:10:52.792
Description:
Windows Defender Funkce ochrany v reálném čase zjistila chybu a nezdařila se.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému pro kontrolu sítě. Nainstalujte požadované aktualizace a restartujte počítač.

Date: 2021-03-11 21:01:02.739
Description:
Windows Defender Funkce ochrany v reálném čase zjistila chybu a nezdařila se.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému pro kontrolu sítě. Nainstalujte požadované aktualizace a restartujte počítač.

Date: 2021-03-11 20:54:45.466
Description:
Windows Defender Funkce ochrany v reálném čase zjistila chybu a nezdařila se.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2021-03-11 20:47:54.942
Description:
Windows Defender Funkce ochrany v reálném čase zjistila chybu a nezdařila se.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému pro kontrolu sítě. Nainstalujte požadované aktualizace a restartujte počítač.

==================== Memory info ===========================

BIOS: LENOVO D1CN06WW 05/18/2015
Motherboard: LENOVO Lenovo B70-80
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 33%
Total physical RAM: 8107.08 MB
Available physical RAM: 5350.86 MB
Total Virtual: 9387.08 MB
Available Virtual: 6687.18 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:194.8 GB) (Free:135.14 GB) NTFS
Drive d: () (Fixed) (Total:698.94 GB) (Free:98.17 GB) NTFS

\\?\Volume{27689127-2015-449b-ae3e-ebb93ada5e43}\ (Obnovení) (Fixed) (Total:0.29 GB) (Free:0.28 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 894.3 GB) (Disk ID: 18940DCF)

Partition: GPT.

==================== End of Addition.txt =======================

Re: strange behaviour of the laptop and file manager... please check

Posted: 06 Apr 2021 21:00
by Rudy
Open Notepad and copy the following into it:
Start

CloseProcesses:
HKU\S-1-5-21-2330612324-4196637853-554147409-1001\...\ChromeHTML: -> <==== ATTENTION
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{391D5971-B7AA-49B0-A286-10FAF17CBDF6}] => (Allow) C:\Users\uživatel\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{FD77BA45-1508-4C7E-8C94-96DDE672F688}] => (Allow) C:\Users\uživatel\AppData\Roaming\Zoom\bin\airhost.exe => No File
HKU\S-1-5-21-2330612324-4196637853-554147409-1001\...\MountPoints2: {62a1e345-826d-11ea-8291-68f728befd68} - "E:\AutoRun.exe"
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {3A06E549-FDCC-44F3-80FC-47E998E39731} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-04-16] (Google Inc -> Google Inc.)
Task: {E95CD146-EC55-4FD1-892C-8A818D433A19} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-04-16] (Google Inc -> Google Inc.)
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
Save it to D:\NEJPLOŠŠŠŠÍ Z POLOCH as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.

Re: strange behaviour of the laptop and file manager... please check

Posted: 07 Apr 2021 21:16
by lammtech
Fix result of Farbar Recovery Scan Tool (x64) Version: 05-04-2021
Ran by uživatel (07-04-2021 22:13:09) Run:2
Running from D:\NEJPLOŠŠŠŠÍ Z POLOCH
Loaded Profiles: uživatel
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-2330612324-4196637853-554147409-1001\...\ChromeHTML: -> <==== ATTENTION
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{391D5971-B7AA-49B0-A286-10FAF17CBDF6}] => (Allow) C:\Users\uživatel\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{FD77BA45-1508-4C7E-8C94-96DDE672F688}] => (Allow) C:\Users\uživatel\AppData\Roaming\Zoom\bin\airhost.exe => No File
HKU\S-1-5-21-2330612324-4196637853-554147409-1001\...\MountPoints2: {62a1e345-826d-11ea-8291-68f728befd68} - "E:\AutoRun.exe"
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {3A06E549-FDCC-44F3-80FC-47E998E39731} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-04-16] (Google Inc -> Google Inc.)
Task: {E95CD146-EC55-4FD1-892C-8A818D433A19} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-04-16] (Google Inc -> Google Inc.)
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-2330612324-4196637853-554147409-1001_Classes\ChromeHTML => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{391D5971-B7AA-49B0-A286-10FAF17CBDF6}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FD77BA45-1508-4C7E-8C94-96DDE672F688}" => not found
HKU\S-1-5-21-2330612324-4196637853-554147409-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{62a1e345-826d-11ea-8291-68f728befd68} => not found
"ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)" => not found
HKLM\SOFTWARE\Policies\Mozilla => not found
HKLM\SOFTWARE\Policies\Google => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A06E549-FDCC-44F3-80FC-47E998E39731}" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E95CD146-EC55-4FD1-892C-8A818D433A19}" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => not found
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9623333 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 11009062 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 912 B
NetworkService => 912 B
uživatel => 16978 B

RecycleBin => 0 B
EmptyTemp: => 27.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:13:13 ====

Re: strange behaviour of the laptop and file manager... please check

Posted: 08 Apr 2021 09:27
by Rudy
Deleted. Has anything changed?

Re: strange behaviour of the laptop and file manager... please check

Posted: 10 Apr 2021 12:04
by lammtech
Hello, it looks like everything is probably OK, it runs like clockwork. Thank you.

Re: strange behaviour of the laptop and file manager... please check

Posted: 10 Apr 2021 14:51
by Rudy
OK, you're welcome! :)